It’s probably safe for me to assume that your Windows File Servers store critical, sensitive information at this very moment in time. In the modern world, data is more valuable than oil, and is now considered to be the most valuable resource in the world. Ensuring that File Server is secure should be high on the list of priorities for any organization that stores sensitive data. Unfortunately, many of the ways to secure File Server are complex, expensive or just too time consuming to fully integrate into business practices.
File Server Security is More than an IT Problem
Unfortunately, in many enterprises we deal with, there is still a misconception that IT security is solely the realm of the IT team. This couldn’t be further from the truth. In fact, many modern IT departments are often stretched for time, budgets and personnel – even in large organizations. Claiming that File Server security is wholly on the shoulders of System Administrators and IT Managers is simply passing the buck.
Auditing File Server activity is a thankless task. It’s mundane, time consuming and often gets delayed or put off entirely because of this. However, regular proactive and audits of File System activity is necessary to pass compliance audits and mitigate the risks of a data breach. As this is such an important activity, it stands to reason that the IT department should get as much help as possible from other areas of the business.
File Server security is an organization-wide issue that needs to be handled simultaneously from multiple departments. The way to do this is through delegation of certain audit tasks to users outside the IT team.
Why Delegating Works
Let’s be clear here, I’m not suggesting that you can delegate these tasks to just anyone in the business. Due to the importance of the task you must be careful who you select. They will have to be knowledgeable of Windows File Systems, aware of security risks and be high enough up in the rank of the organization that they are privy to this information. We’re probably talking here about heads of departments, directors and line managers.
The reason that these people are well equipped to assist with auditing File Server activity is that they have the best idea about what kind of access their users should and should not have within the system. Simply knowing the names of the users who should have access to a particular folder or should be part of a particular group helps you notice when inappropriate access occurs of when permissions are abused. Because these people are already using the systems in question, they know what normal access looks like and therefore will be better able to detect abnormal patterns.
By delegating in this way, the IT team are free to focus on other business-critical tasks without the weight of continuous audits on their shoulders. By handing responsibility to business heads, you may even get more accurate audits, as they are closer to the action, so to speak.
How to Start Delegating File Server Security to Users
The most important part of delegating File Server change tracking to users is to clear the idea with the top brass in the organization. Ensure that the board and top-level management understand the benefits of this method, so that they can disseminate this information throughout the rest of the organization.
As mentioned before, another important task is to ensure you select the right people for the job. Remember that whomever you choose to be responsible will be in charge of reviewing activity concerning sensitive files and folders, so they must be trustworthy. They should also thoroughly understand the importance of the task and the ramifications of not completing it.
Ensure that you plan out the frequency of the audits you intend to carry out (hint, make them frequent!). Also, ensure that there are processes in place for the people in charge to feedback the data to the IT team should they spot anything out of the ordinary.
How to use LepideAuditor to Improve IT Security
LepideAuditor’s File Server Auditing component, is an auditing and monitoring solution that enables organizations to track, alert and report on changes taking place to critical data within Windows File Server.
Using this solution, IT teams can send audit reports via email to the key members of their organization for events including files and folders created, modified, deleted, moved, renamed and copied.
The key personnel in your File Server security plan can also get real time alerts for critical events, such as when the permissions of any files and folders change, any files and folders are deleted, renamed, modified and much more.
These alerts and reports will enable your key players to monitor and instantly review any changes to critical files and folders in order to feed them back to the IT team.